Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/0188da-3655-482d-881b-febbc4a3b45b/1/mgUTbP89sazHg1ECrxZlk08fgIE.roa
File: mgUTbP89sazHg1ECrxZlk08fgIE.roa (raw, json)
Hash identifier: z9okb0HUMHaY/rQQxNj4p4EVgs/9X7YciKys2KO3jNk=
Subject key identifier: 9A:05:13:6C:FF:3D:B1:AC:C7:83:51:02:AF:16:65:93:4F:1F:80:81
Certificate issuer: /CN=bfabf5a474afe7212331670e831e119da38f284f
Certificate serial: 0AEDAAA6
Authority key identifier: BF:AB:F5:A4:74:AF:E7:21:23:31:67:0E:83:1E:11:9D:A3:8F:28:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v6v1pHSv5yEjMWcOgx4RnaOPKE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/0188da-3655-482d-881b-febbc4a3b45b/1/mgUTbP89sazHg1ECrxZlk08fgIE.roa
Signing time: Wed 20 Apr 2022 08:31:38 +0000
ROA not before: Wed 20 Apr 2022 08:31:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21232
IP address blocks: 185.41.132.0/22 maxlen: 22
185.108.244.0/22 maxlen: 22
185.70.68.0/22 maxlen: 22
185.110.184.0/22 maxlen: 22
185.119.36.0/22 maxlen: 22
62.32.0.0/19 maxlen: 19
185.41.76.0/22 maxlen: 22
82.192.224.0/19 maxlen: 19
185.110.88.0/22 maxlen: 22
77.74.56.0/21 maxlen: 21
213.160.32.0/19 maxlen: 19
79.142.128.0/20 maxlen: 20
195.216.64.0/19 maxlen: 19
185.132.16.0/22 maxlen: 22
185.64.184.0/22 maxlen: 22
185.31.248.0/22 maxlen: 22
185.110.72.0/22 maxlen: 22
185.45.236.0/22 maxlen: 22
93.184.16.0/20 maxlen: 20
2a02:5c0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 183347878 (0xaedaaa6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfabf5a474afe7212331670e831e119da38f284f
Validity
Not Before: Apr 20 08:31:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9a05136cff3db1acc7835102af1665934f1f8081
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ba:b2:69:f3:77:9c:d9:b3:c3:3d:93:05:52:
85:2c:39:51:1d:ca:a8:28:27:dd:1d:96:4d:10:e5:
f0:9f:4c:ce:7e:b0:21:55:3c:6d:9c:a3:44:86:4c:
63:98:57:ad:68:4f:d7:30:e0:f7:e7:b6:8e:ad:85:
0b:f0:61:e3:4a:27:65:5c:8e:05:91:52:fa:d9:f0:
9e:e3:9c:3c:4d:e2:64:64:22:9a:05:ba:71:e4:e0:
48:5a:24:28:00:23:ec:6b:3d:d7:e4:ec:6c:5e:84:
1c:dd:35:03:86:de:84:34:3b:96:9b:47:dd:05:f8:
b9:e8:87:5f:ff:1c:98:ab:0f:c6:5c:95:27:9a:2e:
66:c0:14:04:ae:bd:bc:ab:d5:3e:93:8f:d5:34:1f:
da:48:56:bd:bc:58:f6:a7:12:4c:63:ce:be:12:9c:
7b:f4:0d:7d:89:da:6d:a9:b9:61:88:8a:a2:8f:d4:
ca:4f:f4:db:f6:de:7a:68:84:83:6d:3d:7c:9d:13:
ba:fa:47:c8:4b:40:8f:81:db:54:f8:13:69:34:46:
96:d3:5b:b1:cf:9a:19:01:46:03:d6:00:d3:84:9c:
9f:c0:0d:9c:49:75:0f:db:d0:b9:3a:0c:36:ea:3d:
af:c5:de:f9:e0:40:25:06:4d:db:ab:2d:5a:c4:d1:
bf:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:05:13:6C:FF:3D:B1:AC:C7:83:51:02:AF:16:65:93:4F:1F:80:81
X509v3 Authority Key Identifier:
keyid:BF:AB:F5:A4:74:AF:E7:21:23:31:67:0E:83:1E:11:9D:A3:8F:28:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v6v1pHSv5yEjMWcOgx4RnaOPKE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0188da-3655-482d-881b-febbc4a3b45b/1/mgUTbP89sazHg1ECrxZlk08fgIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0188da-3655-482d-881b-febbc4a3b45b/1/v6v1pHSv5yEjMWcOgx4RnaOPKE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.32.0.0/19
77.74.56.0/21
79.142.128.0/20
82.192.224.0/19
93.184.16.0/20
185.31.248.0/22
185.41.76.0/22
185.41.132.0/22
185.45.236.0/22
185.64.184.0/22
185.70.68.0/22
185.108.244.0/22
185.110.72.0/22
185.110.88.0/22
185.110.184.0/22
185.119.36.0/22
185.132.16.0/22
195.216.64.0/19
213.160.32.0/19
IPv6:
2a02:5c0::/32
Signature Algorithm: sha256WithRSAEncryption
8e:47:a3:d3:0e:b6:a1:2b:54:40:f6:cf:23:e5:1d:e6:be:42:
3d:8f:59:b9:49:72:2d:d1:89:cd:2a:0f:ae:61:75:07:21:e7:
ae:3d:0f:46:81:bd:70:4f:f7:a8:f3:ee:96:da:4d:f2:fb:ec:
a6:2d:47:88:f3:83:c1:c6:6f:f6:e7:dd:03:b4:a8:a2:1d:4b:
a2:45:6a:5e:4c:53:54:cd:cb:dd:f4:e3:66:c1:f7:cc:73:6b:
8c:3f:a3:48:50:d3:96:c3:62:b8:9e:8f:a9:1d:b8:e5:15:e6:
8e:fb:2c:5f:e0:cd:cc:9d:7c:e8:83:92:61:b0:8d:4f:fe:43:
68:c2:7d:37:a2:7a:65:d8:5a:3c:03:97:94:85:a2:5a:99:da:
27:ae:4a:91:fa:39:6d:0a:fc:f9:25:c1:d3:27:9d:3f:eb:da:
20:9e:93:3a:8a:3b:f2:06:22:2c:1e:71:dd:54:52:3a:7f:db:
41:c7:c1:21:58:1e:82:62:09:23:0b:0f:40:9e:36:25:07:c9:
1b:48:05:e2:92:48:f0:9d:93:ad:a0:c2:7f:27:e9:25:cb:e1:
c8:da:2b:0e:71:3c:75:2d:cd:a3:3a:10:3d:ff:1c:3e:d0:71:
4c:ca:59:6d:4b:51:d5:0d:1c:20:b0:23:49:5d:d3:ed:f0:d8:
69:68:46:1f
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgIECu2qpjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZmFiZjVhNDc0YWZlNzIxMjMzMTY3MGU4MzFlMTE5ZGEzOGYyODRmMB4XDTIyMDQy
MDA4MzEzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWEwNTEzNmNmZjNk
YjFhY2M3ODM1MTAyYWYxNjY1OTM0ZjFmODA4MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKW6smnzd5zZs8M9kwVShSw5UR3KqCgn3R2WTRDl8J9Mzn6w
IVU8bZyjRIZMY5hXrWhP1zDg9+e2jq2FC/Bh40onZVyOBZFS+tnwnuOcPE3iZGQi
mgW6ceTgSFokKAAj7Gs91+TsbF6EHN01A4behDQ7lptH3QX4ueiHX/8cmKsPxlyV
J5ouZsAUBK69vKvVPpOP1TQf2khWvbxY9qcSTGPOvhKce/QNfYnabam5YYiKoo/U
yk/02/beemiEg209fJ0TuvpHyEtAj4HbVPgTaTRGltNbsc+aGQFGA9YA04Scn8AN
nEl1D9vQuToMNuo9r8Xe+eBAJQZN26stWsTRvzUCAwEAAaOCAocwggKDMB0GA1Ud
DgQWBBSaBRNs/z2xrMeDUQKvFmWTTx+AgTAfBgNVHSMEGDAWgBS/q/WkdK/nISMx
Zw6DHhGdo48oTzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3Y2djFwSFN2NXlFak1XY09neDRSbmFPUEtFOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjEvMDE4OGRhLTM2NTUtNDgyZC04ODFiLWZlYmJjNGEzYjQ1Yi8x
L21nVVRiUDg5c2F6SGcxRUNyeFpsazA4ZmdJRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjEv
MDE4OGRhLTM2NTUtNDgyZC04ODFiLWZlYmJjNGEzYjQ1Yi8xL3Y2djFwSFN2NXlF
ak1XY09neDRSbmFPUEtFOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
nAYIKwYBBQUHAQcBAf8EgYwwgYkweAQCAAEwcgMEBT4gAAMEA01KOAMEBE+OgAME
BVLA4AMEBF24EAMEArkf+AMEArkpTAMEArkphAMEArkt7AMEArlAuAMEArlGRAME
Arls9AMEArluSAMEArluWAMEArluuAMEArl3JAMEArmEEAMEBcPYQAMEBdWgIDAN
BAIAAjAHAwUAKgIFwDANBgkqhkiG9w0BAQsFAAOCAQEAjkej0w62oStUQPbPI+Ud
5r5CPY9ZuUlyLdGJzSoPrmF1ByHnrj0PRoG9cE/3qPPultpN8vvspi1HiPODwcZv
9ufdA7Sooh1LokVqXkxTVM3L3fTjZsH3zHNrjD+jSFDTlsNiuJ6PqR245RXmjvss
X+DNzJ186IOSYbCNT/5DaMJ9N6J6ZdhaPAOXlIWiWpnaJ65Kkfo5bQr8+SXB0yed
P+vaIJ6TOoo78gYiLB5x3VRSOn/bQcfBIVgegmIJIwsPQJ42JQfJG0gF4pJI8J2T
raDCfyfpJcvhyNorDnE8dS3NozoQPf8cPtBxTMpZbUtR1Q0cILAjSV3T7fDYaWhG
Hw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:02 2024 by rpki-client on console-ams.rpki-client.org